PhreeBooks ERP Remote Code Execution Vulnerability in Image Manager

Vulnerability

A remote code execution vulnerability has been identified in PhreeBooks ERP version 5.2.3. This vulnerability resides in the image manager, where authenticated attackers can upload and execute arbitrary PHP files by circumventing file extension restrictions. Exploitation of this vulnerability allows attackers to establish reverse shell connections and execute system commands.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where PhreeBooks ERP is hosted.

Reproduction

To reproduce this vulnerability, an authenticated user must upload a malicious PHP file through the image manager's upload feature. The uploaded file can then be executed to run arbitrary commands on the server. This can be automated with a Python script that handles the authentication and file upload process.
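The root cause described above is an upload check that can be talked past: the image manager trusts the claimed extension and stores the file where the web server can execute it. The following is an added example (not PhreeBooks code) of the server-side validation a fix would need, written in Python as a generic allowlist validator: it rejects names with null bytes, path separators, trailing dots or spaces and embedded executable extensions, verifies that the content actually starts with the magic bytes of the claimed image type, refuses polyglot images carrying a PHP open tag, and replaces the user-supplied name with a server-generated one. The extension lists, size limit and sample bytes are constructed for the example.

```python
import secrets

# Allowed image extensions and the leading bytes (magic numbers) each must carry.
# Constructed allowlist for this example.
ALLOWED_IMAGE_TYPES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Extensions a typical PHP web server hands to the interpreter. They must not
# appear anywhere in the name, not only at the end, so "shell.php.png" style
# names are refused as well. Constructed list; extend it for your own stack.
SERVER_EXECUTABLE = {
    "php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar", "phps", "pht",
}

# Byte sequences that open PHP code; a genuine image never needs them.
PHP_OPEN_TAGS = (b"<?php", b"<?=", b'<script language="php"')

MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # assumed limit for the example


def validate_image_upload(filename, data):
    """Return (accepted, info).

    On success info is the normalised extension to store the file under;
    on failure it is the reason the upload was refused.
    """
    if not filename or "\x00" in filename:
        return False, "empty name or null byte in name"
    if "/" in filename or "\\" in filename:
        return False, "path separator in name"
    if filename != filename.strip() or filename.endswith("."):
        return False, "leading/trailing whitespace or trailing dot"
    if len(data) > MAX_UPLOAD_BYTES:
        return False, "file too large"

    parts = filename.lower().split(".")
    if len(parts) < 2 or not parts[0]:
        return False, "missing extension or dotfile"
    ext = parts[-1]
    if ext not in ALLOWED_IMAGE_TYPES:
        return False, f"extension .{ext} is not an allowed image type"
    if any(p in SERVER_EXECUTABLE for p in parts[1:-1]):
        return False, "executable extension embedded in name"

    # The content must match the claimed type, not just the name.
    if not any(data.startswith(magic) for magic in ALLOWED_IMAGE_TYPES[ext]):
        return False, "content does not match claimed image type"
    # A valid image header followed by PHP code is still PHP code to a
    # misconfigured server, so refuse polyglots outright.
    if any(tag in data for tag in PHP_OPEN_TAGS):
        return False, "PHP open tag found inside image data"
    return True, ext


def storage_name(ext):
    """Server-chosen random filename; the user's name never reaches the disk."""
    return f"{secrets.token_hex(16)}.{ext}"


def accept_upload(filename, data):
    """Validate an upload and return the name to store it under, or None."""
    ok, info = validate_image_upload(filename, data)
    if not ok:
        return None
    return storage_name(info)


if __name__ == "__main__":
    # Constructed sample inputs: a minimal PNG header and a PHP snippet.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    php = b"<?php echo 1; ?>"
    for name, blob in [("logo.png", png), ("shell.php", php),
                       ("shell.php.png", png), ("shell.png", php),
                       ("poly.png", png + php), ("shell.php\x00.png", png)]:
        print(repr(name), "->", validate_image_upload(name, blob))
```

Validation of this kind belongs alongside, not instead of, storing uploads outside the document root (or in a directory where script execution is disabled), since name and magic-byte checks reduce but do not remove the risk of a server executing what it was handed.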

Added: Mar 24, 2026, 12:19 PM
Updated: Mar 24, 2026, 12:19 PM

Vulnerability Rating

Custom Algorithm

spread          1.4
impact         10.0
exploitability  6.6
remediation     0.0
relevance       4.6
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.